const db = require('../db/db')
module.exports = {
    // 用户管理权限验证
    usersValid:
         async (ctx,next)=>{
            const {id,userId} = ctx.request.body
            const [[res]] = await db.promise().query('select identity from users  where id=?',id)
            const power =res.identity
            const [[resed]] = await db.promise().query('select identity from users  where id=?',userId)
            const powered =resed.identity
            // 2.判断身份权重
            if(power>=powered){
               return ctx.body = {
                    code:201,
                    msg:'权限不足'
                }
            }
            await next()
        },
    // 文章分类权限验证
    categorizeValid:
         async (ctx,next)=>{
            const {user_id,categorize_id} = ctx.request.body
            // 根据文章id获取作者名，然后根据作者名获取作者身份，对比操作人的身份和作者身份
            // 判断身份权重 if(power>=powered) ==> 权限不足
            const [[res]] = await db.promise().query('select identity from users  where id=?',user_id)
            const power =res.identity
            if(power == 0){
                await next()
            }else{
                const [[author]] = await db.promise().query('select author from categorizes  where id=?',categorize_id)
                const username = author.author
                const [[authorRes]] = await db.promise().query('select identity from users  where username=?',username)
                const powered =authorRes.identity
                // 2.判断身份权重
                if(power>=powered){
                    return ctx.body = {
                         code:201,
                         msg:'权限不足'
                     }
                 }
                await next()
            }
            
        }
}